22 matches found
EUVD-2020-0048
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-17446
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response,...
OPENSUSE-SU-2024:14132-1 python310-asyncpg-0.29.0-1.3 on GA media
These are all security issues fixed in the python310-asyncpg-0.29.0-1.3 package on the GA media of openSUSE Tumbleweed...
Asyncpg Arbitrary Code Execution Via Access to an Uninitialized Pointer
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
GHSA-2XPJ-F5G2-8P7M Asyncpg Arbitrary Code Execution Via Access to an Uninitialized Pointer
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
adbc (=0.0.1), aerie (>=0.0.1b0 <=0.0.1b2) +30 more potentially affected by CVE-2020-17446 via asyncpg (>=0.11.0 <=0.20.1)
asyncpg PYPI version =0.11.0, =0.0.1b0, =0.1.1, =0.0.9, =0.1.0, =0.1.0, =0.12.0, =0.1.0, =3.1.0, =0.5.6, =3.0.22, =0.0.1, =2.0.0, =3.5.0 - ninjin =0.2.0 and more Source cves: CVE-2020-17446 Source advisory: OSV:GHSA-2XPJ-F5G2-8P7M...
Debian: Security Advisory (DLA-2363-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DLA-2363-1 asyncpg - security update
Bulletin has no description...
[SECURITY] [DLA 2363-1] asyncpg security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2363-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta September 03, 2020 https://wiki.debian.org/LTS -...
Denial Of Service (DoS)
asyncpg is vulnerable to denial of service DoS. The vulnerability exists due to the access to an uninitialized pointer in the array data decoder through a server response...
CVE-2020-17446
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
CVE-2020-17446
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
DEBIAN-CVE-2020-17446
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
UBUNTU-CVE-2020-17446
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
Code injection
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
PYSEC-2020-24
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
adbc (=0.0.1), aerie (>=0.0.1b0 <=0.0.1b2) +30 more potentially affected by CVE-2020-17446 via asyncpg (>=0.11.0 <=0.20.1)
asyncpg PYPI version =0.11.0, =0.0.1b0, =0.1.1, =0.0.9, =0.1.0, =0.1.0, =0.12.0, =0.1.0, =3.1.0, =0.5.6, =3.0.22, =0.0.1, =2.0.0, =3.5.0 - ninjin =0.2.0 and more Source cves: CVE-2020-17446 Source advisory: OSV:PYSEC-2020-24...
PYSEC-2020-24
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
CVE-2020-17446
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
CVE-2020-17446
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...